• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 8. E-mail Security > Spoofing and Spamming

Spoofing and Spamming

Spoofing and spamming are two completely separate e-mail phenomena. When someone spoofs an e-mail message, he is making it appear to be coming from an e-mail address that you trust. For example, I can send you an e-mail message that looks like it was sent by yourmom@isp12345.com. You would probably not even question the authenticity of this e-mail message; you would trust it just as if it were your mother who sent it. By masquerading as a trusted person, I can trick you into giving out sensitive information. This tactic is similar to when somebody calls you up under a disguised voice, trying to trick you into saying or doing something. People do not commonly question the authenticity of an e-mail message. Most people see the e-mail address that its from and assume that person really composed the message.

The problem is that it takes little skill for someone to forge an e-mail message. I can make any e-mail message look like it is coming from an e-mail address of my choice. The only real way to defend against spoofing is to use digital signatures. (These are discussed in more detail in Chapter 9, “Securing Digital Transactions or SSL and Digital Certification.”)


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint